I'm working on a JS side project to take a break from #dotnet. Tried adding #shadcn to #NextJS in a #NXWorkspace. Shadcn expects both package.json and Next.js in the same place, with Nx package.json is in root while Next.js is in a subfolder. All tutorials on how to get it working seem like magical incantations and they're for a previous version of shadcn and tailwind. Eventually got it to complete init, but had to create an empty vite.config.js in root dir to fool shadcn into installing - will see if it works tomorrow.

So, I need an idea for a side-side project to take a break from JS. Maybe Golang this time?

Gonna finish my current project with #NextJS and #prisma on #postgrrsql.

The next one will be simple #React with #Express. And #Bun. Maybe with #Mongodb.

Headway is hiring Engineering Manager (Claims Platform)

#python #typescript #nextjs #react #remix #aws #kafka #postgresql #redis #awss3 #engineeringmanager
Remote; New York City, New York; San Francisco, California; Seattle, Washington
Full-time
Headway

Job details https://jobsfordevelopers.com/jobs/engineering-manager-claims-platform-at-headway-co-mar-18-2025-ec76fb?utm_source=mastodon.world&utm_medium=social&utm_campaign=posting
#jobalert #jobsearch #hiring

@EvanHahn can you share tips to aspiring devs struggling to create software? Sorry, I know this is a little generic question, but since the last three years I've graduated jobless and I am lacking the motivation to work towards a soul-draining 9-to-5 IT job.

Not having any successful - as of now, I am struggling to create my own blog/portfolio in Next + MDX + Tailwind, especially the design aspect.

Well... #yarn 1.22 is obsolete and 4.x is "PNP", thus incompatible with #nextjs . Gonna stick with classic #npm.

Yay I can add basic customers in my CRM project! Trying to learn #nextjs and #prisma.

You should know this before choosing Next.js

https://eduardoboucas.com/posts/2025-03-25-you-should-know-this-before-choosing-nextjs/

#Development #Insights
Before choosing Next.js · What to know about the web development framework https://ilo.im/162zgl

_____
#OpenSource #Vercel #NextJS #React #JavaScript #Framework #Hosting #WebDev #Frontend #Backend

What are your thoughts on Vercel and Next JS? It seems like a walked garden to me...

Critical flaw in #Nextjs lets hackers bypass authorization

https://www.bleepingcomputer.com/news/security/critical-flaw-in-nextjs-lets-hackers-bypass-authorization/

Exploring SSR Patterns: Next.js, Nuxt.js, and Alternatives https://chat-to.dev/post?id=TVRpYklqejFjdnlZQXlHR3JHU0Jkdz09 #nextjs #nuxtjs #javascript #programming

Looking for freelance #NextJS devs. Potential to earn upto ₹20K a week.

Reject modernity (Next.js); embrace tradition (PHP).

»Critical Next.js Middleware Vulnerability Allows Attackers to Bypass Authorization:
A severe vulnerability has been identified in Next.js, a popular React framework used for building web applications, under the designation CVE-2025-29927.«

Well, I have to give it up and look at it.

https://gbhackers.com/critical-next-js-middleware-vulnerability/

Next.js has patched a critical vulnerability that lets attackers bypass auth middleware in self-hosted apps. Immediate action is necessary: patch now.

https://socket.dev/blog/next-js-patches-critical-middleware-vulnerability #nextjs #javascript

With #CVE_2025_29927, Next.js has now suffered its second major vulnerability in just three months, following #CVE_2024_51479.

I originally built CVE Crowd with #NextJS.

However, as the application became more complex (especially with authentication), I decided to switch to a framework I was more familiar with.

Honestly, I’m feeling a bit relieved about that right now...

Critical Next.js Middleware Vulnerability (CVE-2025-29927)

A major auth bypass vulnerability in Next.js middleware (prior to v14.2.25 / v15.2.3) allows attackers to inject the x-middleware-subrequest header and bypass authorization entirely. Exploitable via simple HTTP requests—no user interaction, no special permissions.

Patch. Now. Or block the header manually.

GitHub scored this 9.1 CRITICAL, but the real issue? This flaw exposes a systemic weakness in middleware validation, and some vendors weren’t exactly upfront about the risks.

Details + POC: https://zeropath.com/blog/nextjs-middleware-cve-2025-29927-auth-bypass
NVD: https://nvd.nist.gov/vuln/detail/CVE-2025-29927

Security theater is easy. Secure defaults and transparency are harder—but essential.

Unveiling a Critical Vulnerability in Next.js Middleware: A Deep Dive

A recent security discovery has exposed a critical vulnerability in Next.js middleware, affecting all versions from 11.1.4 onwards. This flaw allows attackers to bypass authentication and authorizatio...

https://news.lavx.hu/article/unveiling-a-critical-vulnerability-in-next-js-middleware-a-deep-dive

Rebuild the frontend today looks a lot nicer now and is less horrible code wise. https://github.com/paviro/RPi-LED-Sign-Controller #ledmatrix #led #lights #rust #nextjs #node
https://whisper.tf/@paul/114195460553220826

Next.js — The React Framework

https://w3things.com/blog/nextjs/

Learn Next.js, a full-stack React framework. Explore its features, such as the App Router, Incremental Static Regeneration (ISR), and Server-Side Rendering.